In many applications, the password is sent as cleartext to the server to be authenticated thus providing the eavesdropper with opportunity to steal valuable data. This paper presents a simple protocol based on zero knowledge proof by which the user can prove to the authentication server that he has the password without having to send the password to the server as either cleartext or in encrypted format. Thus the user can authenticate himself without having to actually reveal the password to the server. Also, another version of this protocol has been proposed which makes use of public key cryptography thus adding one more level of security to the protocol and enabling mutual authentication between the client & server. © Springer-Verlag Berlin Heidelberg 2013.
CITATION STYLE
Datta, N. (2013). Zero knowledge password authentication protocol. Advances in Intelligent Systems and Computing, 203, 71–79. https://doi.org/10.1007/978-3-642-35461-8_7
Mendeley helps you to discover research relevant for your work.